mirror of https://github.com/trailofbits/algo
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
87 lines
2.8 KiB
Markdown
87 lines
2.8 KiB
Markdown
8 years ago
|
# RedHat/CentOS 6.x pre-installation requirements
|
||
8 years ago
|
|
||
8 years ago
|
Many people prefer RedHat or CentOS 6 (or similar variants like Amazon Linux) for to their stability and lack of systemd. Unfortunately, there are a number of dated libraries, notably Python 2.6, that prevent Algo from running without errors. This script will prepare a RedHat, CentOS, or similar VM to deploy to Algo cloud instances.
|
||
8 years ago
|
|
||
|
## Step 1: Prep for RH/CentOS 6.8/Amazon
|
||
|
|
||
8 years ago
|
```shell
|
||
8 years ago
|
yum -y -q update
|
||
|
yum -y -q install epel-release
|
||
|
```
|
||
|
|
||
|
Enable any kernel updates:
|
||
|
|
||
8 years ago
|
```shell
|
||
|
reboot
|
||
|
```
|
||
8 years ago
|
|
||
8 years ago
|
## Step 2: Install Ansible and launch Algo
|
||
8 years ago
|
|
||
8 years ago
|
Fix GPG key warnings during Ansible rpm install:
|
||
8 years ago
|
|
||
8 years ago
|
```shell
|
||
|
rpm --import https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6
|
||
|
```
|
||
8 years ago
|
|
||
8 years ago
|
Fix GPG key warning during official Software Collections (SCL) package install:
|
||
8 years ago
|
|
||
8 years ago
|
```shell
|
||
|
rpm --import https://raw.githubusercontent.com/sclorg/centos-release-scl/master/centos-release-scl/RPM-GPG-KEY-CentOS-SIG-SCLo
|
||
|
```
|
||
8 years ago
|
|
||
8 years ago
|
RedHat/CentOS 6.x uses Python 2.6 by default, which is explicitly deprecated and produces many warnings and errors, so we must install a safe, non-invasive 2.7 tool set which has to be expressly enabled (and will not survive login sessions and reboots):
|
||
8 years ago
|
|
||
8 years ago
|
```shell
|
||
8 years ago
|
# Install the Software Collections Library (to enable Python 2.7)
|
||
|
yum -y -q install centos-release-SCL
|
||
|
|
||
|
# 2.7 will not be used until explicitly enabled, per login session
|
||
8 years ago
|
yum -y -q install python27-python-devel python27-python-setuptools python27-python-pip
|
||
8 years ago
|
yum -y -q install openssl-devel libffi-devel automake gcc gcc-c++ kernel-devel wget unzip ansible nano
|
||
8 years ago
|
|
||
8 years ago
|
# Enable 2.7 default for this session (needs re-run between logins & reboots)
|
||
8 years ago
|
# shellcheck disable=SC1091
|
||
|
source /opt/rh/python27/enable
|
||
8 years ago
|
# We're now defaulted to 2.7
|
||
8 years ago
|
|
||
8 years ago
|
# Upgrade pip itself
|
||
|
pip -q install --upgrade pip
|
||
8 years ago
|
# python-devel needed to prevent setup.py crash
|
||
8 years ago
|
pip -q install pycrypto
|
||
8 years ago
|
# pycrypto 2.7.1 needed for latest security patch
|
||
8 years ago
|
pip -q install setuptools --upgrade
|
||
8 years ago
|
# virtualenv to make installing dependencies easier
|
||
|
pip -q install virtualenv
|
||
8 years ago
|
|
||
|
wget -q https://github.com/trailofbits/algo/archive/master.zip
|
||
8 years ago
|
unzip master.zip
|
||
8 years ago
|
cd algo-master || echo "No Algo directory found"
|
||
8 years ago
|
|
||
8 years ago
|
# Set up a virtualenv and install the local Algo dependencies (must be run from algo-master)
|
||
|
virtualenv env && source env/bin/activate
|
||
8 years ago
|
pip -q install -r requirements.txt
|
||
8 years ago
|
|
||
8 years ago
|
# Edit the userlist and any other settings you desire
|
||
8 years ago
|
nano config.cfg
|
||
8 years ago
|
# Now you can run the Algo installer!
|
||
8 years ago
|
./algo
|
||
|
```
|
||
|
|
||
8 years ago
|
## Post-install macOS
|
||
|
|
||
|
1. Copy `./configs/*mobileconfig` to your local Mac
|
||
|
|
||
|
2. Install the VPN profile on your Mac (10.10+ required)
|
||
|
|
||
|
```shell
|
||
|
/usr/bin/profiles -I -F ./x.x.x.x_NAME.mobileconfig
|
||
|
```
|
||
|
|
||
|
3. To remove:
|
||
8 years ago
|
|
||
8 years ago
|
```shell
|
||
|
/usr/bin/profiles -D -F ./x.x.x.x_NAME.mobileconfig
|
||
|
```
|
||
8 years ago
|
|
||
|
The VPN connection will now appear under Networks (which can be pinned to the top menu bar if preferred)
|